Bcp38 configuration

Installing and Using OpenWrt Network and Wireless Configuration
21

No changes are achieved even disabling that option: https://spoofer.caida.org/report.php?sessionid=1198480

22

For what is worth, another test with another portuguese ISP using the same "lan-style-first-hop":

Path 4 (to: 130.206.158.142)
192.168.10.1	0
10.240.192.1	0
* * *	0
195.8.30.241	8657
195.8.0.198	8657
195.8.0.198	8657
195.66.226.161	0
* * *	0
* * *	0
* * *	0
62.40.98.72	20965
83.97.88.130	21320
130.206.245.93	766
130.206.195.2	766
130.206.158.2	766
130.206.158.50	766
130.206.158.142	766

Using 10.240.192.1 as first-hop (but not as gateway!), passed 100% at these tests.The router is not running Openwrt, instead Opnsense. So, It seems the issue is with Openwrt+luci-app-bcp38 and not with this type of ISP first hops.

In: https://spoofer.caida.org/report.php?sessionid=1198489

23

You need to monitor the output while trying to pass some traffic:

iptables-save -c -t filter | grep -i -e bcp -e drop -e reject

Identify the chains and rules with growing counters matching the restrictive target.

2 Likes